package com.newtouch.bxzs.common.base.config;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * Security配置类
 *
 * <p>
 * <b>History:</b>
 * <table border="1">
 * <tr>
 * <th>Date</th>
 * <th>Operator</th>
 * <th>Memo</th>
 * </tr>
 * <tr>
 * <td>2021年3月4日</td>
 * <td>Amour</td>
 * <td>Create</td>
 * </tr>
 * </table>
 *
 * @author Amour
 *
 * @version 1.0.0
 * @since 1.0.0
 */
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests()
				.mvcMatchers("/public/**","/baseCommon/**", "/externalController/**", "/policyNotice/**",
						"/conferenceController/acceptionConference", "/activityController/acceptionActivity",
						"/doc.html", "/swagger-ui.html", "/swagger-resources/**", "/v2/api-docs", "/webjars/**",
						"/endpointWisely/**","/policyInsurance/**","/familyPolicyInsurance/**","/enterprisePolicyInsurance/**",
						"/customerAnalysisController/**","/customerFamilyRelationshipController/**","/advertisementController/**",
								"/cooperation/**","/productController/getProductDetail","recommendationController/getRecommendationDetail",
						"/recommendationController/**","/conferenceController/acceptCustomerAttendance",
						"/recommendationController/getRecommendationByRelationId")
				.permitAll().anyRequest().authenticated().and().csrf()
				.requireCsrfProtectionMatcher(new CsrfSecurityRequestMatcher()).and().oauth2ResourceServer().jwt();
	}

}
